[c-nsp] portchannel & dcef?

Rodney Dunn rodunn at cisco.com
Wed Dec 1 11:12:27 EST 2004 

On Wed, Dec 01, 2004 at 10:36:36AM -0500, Jon Lewis wrote:
> On Wed, 1 Dec 2004, Rodney Dunn wrote:
> 
> > It shouldn't be process switched but rather CEF switched on the RSP.
> > That's why the route-cache line increments there.  We don't support
> > ip accounting in the dCEF path (use netflow) so that's why the
> > traffic was getting punted to the RSP for switching.
> 
> Well, there seems to be yet another counter issue, because the portchannel
> stats said the traffic was being route cache (cef on the RSP) switched,
> but the portchannel member FEs were saying processor switched.  Can an
> RSP4 processor switch 50mbit/s from FE's into a POS?

The counters for the member links probably are bogus since
they are not involved in the switching vector really.

Probably so for large packet sizes with no features.
It's like any other performance question.  I'd set it up in the
lab to verify before saying for sure on any of them.

> 
> > Well, most likely not based on my experience.  You would have to be
> > getting traffic to the box in the first place and usually the routing
> > doesn't converge that quickly.  I once thought we could do a faster
> > software ugprade with SSO and FSU but that wasn't true.  If the RSP's
> > are not on the same version of code it falls back to RPR mode during
> > the upgrade so it's not that much faster.  The time to boot depends
> 
> I was pretty sure you could too, and thought I'd done it before in the
> lab.  I should have access to a spare 7507 later today and will do some
> testing on it.  There are multiple pages at cisco.com that suggest the
> 7500 can do FSU.

Yes.  The 75xx can do FSU but it's not what some people think it
is.  It's not a stateful cutover.  As soon as the HA code realizes
it's a different image it falls back to RPR mode and boots from
scratch.  It is a bit faster but not like running in SSO mode
and the primary crashes and we do an immediate switchover.

> 
> > If it were me and you had a lab to verify the basic setup I would
> > probably look at 12.0(27)S or so based on my work in similar setups
> > lately.  It's the port-channel setup that I haven't worked with.
> 
> For some reason I didn't think 12.0S supported MPLS VPN, but I just looked
> it up in FN, and see that it does appear to.  Now I have to wonder why did
> I move to 12.2S?  Perhaps it was for RPR+ support which was first
> available in 12.2S?...but is also now in 12.0S.

All of the initial HA work for the 75xx was done in 12.0S so it was
there first.  And surely all of the MPLS/VPN stuff is there.

Like Jared said it may have been for IPV6 but without that the
only other driving forces to move to 12.2S are MPLS HA.

 

> 
> ----------------------------------------------------------------------
>  Jon Lewis                   |  I route
>  Senior Network Engineer     |  therefore you are
>  Atlantic Net                |
> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

More information about the cisco-nsp mailing list